An effective audit committee can be your not-for-profit organization’s best friend, safeguarding its most valuable asset: its reputation. Audit committees are tasked with providing experience, oversight and direction. Well-run committees ensure that management implements and follows an effective system of internal controls, and that outside auditors objectively assess the organization’s financial reporting practices. Through these and related efforts, audit committees strengthen their organizations by protecting their integrity, financial health and long-term viability.
As not-for-profits face increased scrutiny – from the IRS; local, state and federal government; and from donors – the pressure on today’s audit committees is extraordinary. Each member understands it is his or her responsibility not only to prepare accurate financial statements, demonstrate responsible financial management, maintain regulatory compliance and manage operating risks, but to protect the very essence of the organization.
Audit committees vary in size based on an organization’s complexity but typically are comprised of three to five members, the majority of whom should be board members. All audit committee members should be independent of the organization’s management – meaning participants receive no financial incentives or payment from management. The audit committee itself also should be independent. Though it works collaboratively with internal and external auditors and management, the committee must be completely separate from each of these groups.
While audit committees may include members with varied backgrounds and experience in key business functions, for example financial reporting or risk management, organizations generally look for members who possess a solid background in business or finance, have a strong understanding of internal control concepts, and knowledge of business risk and compliance issues unique to the not-for-profit organization.
At least one member of the audit committee should have deep financial expertise, including knowledge of financial reporting and internal controls, experience with the audit process and working with auditors, and familiarity with not-for-profit accounting policies and procedures. Additionally, while most audit committee members typically have finance, accounting or legal backgrounds, it is oftentimes useful to also include a member with specific program expertise.
Of course, to be effective all committee members must understand the organization’s business model, and the drivers impacting management’s choices in key areas such as the selection and application of critical accounting policies and financial strategies.
Primary Audit Committee Responsibilities
Though audit committees have numerous responsibilities, three stand apart: representing the board in “overseeing the establishment and implementation of accounting policies and internal controls aimed at promoting positive financial stewardship;” initiating the conversation on business risks; and overseeing compliance.
Audit committees are charged with protecting the organization’s assets, mitigating fraud risk, and ensuring the accuracy of financial reporting. To do so, effective audit committees closely monitor the findings of the internal and external auditors charged with testing the organization’s internal controls and risk management procedures. Audit committee members should meet regularly with internal auditors and at least twice a year with external auditors to discuss work plans and review audit findings prior to presentation to the full board of directors.
Audit committees lead the discussion on business risk, exploring how the organization plans for known and potential risks. To do so, audit committee members must thoroughly understand the organization’s investment practices, disaster recovery plans, donor and grantor requirements, charitable registration practices, insurance coverage, adherence to tax regulations and most significant, the not-for-profit’s risk tolerance. For greatest effectiveness, the audit committee should work closely with other board committees that may have a hand in addressing business risk, for instance the investment, development and/or human resources committees.
To be effective and truly help its organization, an audit committee must be keenly aware of compliance issues. Committee members must understand not only the regulatory standards that affect the organization, but how the organization conforms to those standards and how internal and external auditors assess the performance of the organization regarding these regulatory matters. While the size and type of organization will influence the audit committee’s specific duties, every audit committee will have a role in helping its organization comply with rules regarding financial accounting, reporting, billing, spending, investing, and program reporting.
Executive sessions offer audit committee members the opportunity to query members of the management team and external auditors on various risk management-related subjects. These sessions are intended to allow for a free exchange of ideas on sensitive subjects in a non-threatening environment. In fact, the sessions are specifically designed to provide participants the opportunity to offer candid views on sensitive issues that may be inappropriate to discuss in an open forum.
That’s why it is important to consider the participants, and perhaps conduct meetings between individuals or groups. For example, if an audit committee member wants to discuss an issue with the audit firm of a large not-for-profit, the CFO and members of management should not be present so that the audit firm and members of the audit committee feel at ease and are willing to be open in their discussion.
The audit committee should take into consideration the organization’s mission, the competitive environment in which it operates, the current economic climate, and similar factors when crafting questions to pose during an executive session. It is important that questions foster an open dialogue between committee members and members of the audit team.
It is imperative that committee members possess sufficient financial expertise to understand the issues and formulate appropriate follow-up questions, as well as take any further action, as needed.
While the list of potential questions is endless, here are a few examples of the types of questions typically posed by audit committee members in executive sessions:
- Are you aware of any situations of revenue or expense manipulation?
- Is the organization taking a critical look at its business model? Or, is it just looking for short-term solutions that may not be sustainable?
- Are resources (people, assets, cash flow, etc.) sufficient to meet the mission of the organization?
- Is risk management part of the organization’s culture? Are other organizations looking at their risks in a holistic way, including operational and financial risks that range from possible to unimaginable?
The most effective audit committees routinely perform self-assessments to evaluate whether their individual members, as well as the group as a whole, possess the knowledge necessary to respond to the business, reporting, technical or other key issues facing the not-for-profit organization.
Audit committees play a pivotal role in steering today’s organizations, and a committee’s diligence and effectiveness can greatly enhance or detract from a not-for-profit’s success. For guidance on establishing a new audit committee, or assistance enhancing the performance of one that already exists, please contact us here.